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A METHOD AND SYSTEM FOR RESOURCE BUNDLING IN A 

COMMUNICATIONS NETWORK 



FIELD OF THE INVENTION 

The present invention relates generally to communication networks, and more particularly 
to systems and methods for policing data traffic in communication networks. 

BACKGROUND OF THE INVENTION 

Modem communication networks are more diverse and bandwidth-intensive than ever 
before. High-bandwidth communication networks are frequently required when a user needs to 
transmit a data flow. Data flows are data packets or service frames that have been analyzed for 
the purpose of determining, among others: the process flow to which they belong, the way the 
packets should be processed and the destination to which a packet should be routed. An 
exemplary process flow may be a series of packets, all belonging to the signaling of a file 
transfer protocol (FTP). Often the data flow includes data of different priority, ranging from 
high priority data, e.g., voice communications, which cannot tolerate significant delays, to low 

priority data, e.g., file transfers. 

Access to a communication network is typically facilitated by a service provider, which 
maintains equipment at nodes on the network. Generally, service providers supply access to 
the network for multiple users. A user can access the network with multiple data flows. In 
order to secure sufficient bandwidth, users often contract for discrete channels, each channel 
capable of handling the greatest expected bandwidth requirement of a respective data flow. 
Often, these channels utilize only a small fraction of the maximum allocated bandwidth. As a 
result, a user either pays for potential bandwidth and uses only a fraction thereof, or takes 
advantage and uses bandwidth at rates beyond what was actually paid for. In order to enable 
users to pay only for utilized bandwidtli, service providers limit the transmission rate. Means 
for limiting and controlling the traffic are even more essential in a network employing a non- 
deterministic access protocol, such as an Ethernet network or a metro Ethernet network 
(MEN). 
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Typically, service providers offer a user a range of services that are differentiated based 
on some performance characteristics, such as delays and packet losses. Specifically, a user 
purchases a service package that assures a certain level of service level, usually referred to as 
quality of service (QoS). A service package is determined by a bandwidth profile and a class of 
service (CoS). The bandwidth profile is a set of traffic parameters that govern the expected 
arrival pattern of user traffic and provide a deterministic upper bound or an envelope to the 
expected volume of trafiBc. The bandwidth traffic parameters are: committed information rate 
(CIR), committed burst size (CBS), excess information rate (EIR), and excess burst size (EBS). 
The CoS defines the treatment inside the provider network^ i.e., the level of delay requirement 
For example, a packet wth a higji priority level (or simply "high-priority) CoS may be 
forwarded at the highest priority to assure minimum processing delay. 

The traffic management is performed by the policing fimction implemented in a device 
(hereinafter the ''policer"), of a network access node. The policer enforces the rate on each 
incoming data flow or a set of data flows as designated in the ser/ice package and as 
characterized by the bandwidth. The first step in rate enforcement is to determine the level of 
conformance of the incoming data flow. The level of conformance is typically expressed as one 
of three colors: green, yellow, or red, where green packets are transmitted at a rate equal to the 
CBS, yellow packets are transmitted at a rate equal to the EES, and red packets are not 
transmitted. 

One of the algorithms used to compute the level of conformance of incoming data 
flows is the token bucket rate algorithm (TBRA). For each incoming flow, the TBRA 
determines whether to accept or reject the flow. A flow is accepted if its length is less than the 
bucket content Bj at time tj; otherwise, tlie flow is rejected. The bucket content at time t, is 
calculated using tlie equation: 

Bj = Amf[L, 5^.1 + if X [tj - tj,,)\ ; (1) 

\\iiere L is the bucket length (i.e., the burst size), and R is the rate. The parameters (L, R) can 
be replaced by the parameters (CBS, CIR) or (EBS, EIR) and therefore the TBRA can be used 
to determine the level of conformance for "green packets" and "yellow packets'*. Different 
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algorithms based on the principle described in the TBRA may be found in prior art. These 
include for example "three color marker", **leaky bucket"", adaptive leaky biacket", "one 
bucket-two colors", are just to name a few. 

At present, policers are not designed to share the available bandwidth according to the 
CoS. Specifically, the bandwidth can be shared either among an aggregation of data flows with 
different CoS, or among a set of data flows with the same CoS. In the former case^ data flow is 
served on a basis of "first comes first served", whereas in the latter case, the policer assxires for 
each CoS a constant rate, as'defined by the CIR. However, in both cases a policer can neither 
serve more than one data flow and more than one CoS, nor share the bandwidth eflSciently 
between different levels of CoS. Examples for policing methods and devices may be found in 
U.S. patents No. 5,51 1,066, 5,541,913 and 6,072,989 to Witters et al, 6,104,700 to Haddock et 
al, and 6,646,988 to Nandy et al, and in U.S. patent application No 10/095,909 to Rawlms et al. 

Therefore, in the view of the limitations introduced in the prior art, it would be 
advantageous to provide a policer that handles multiple classes of service and multiple data 
flows. It would be further advantageous if such a policer shares the bandwidth allocated to a 
single user in a prioritized manner. 

SUMMARY OF THE INVENTION 

The present invention discloses a network policing unit that can handle mixltiple classes 
of service and multiple data flows, while sharing the bandwidth allocated to a single user in a 
prioritized manner, as well as methods for resource bundling using the policing unit and 
policers incorporated in it The methods disclosed herein may be applied to a plurality' of 
classes of service of a plurality of different data flows, and facilitate sharing of an available 
bandwidth among the data flows in a prioritized manner. They allow a single user to aggregate 
multiple CoS, hence enabling a low priority CoS to consume bandwidth when a high priority 
CoS is idle. This ensures that a user utilizes the entire bandwidth paid for. That is, the 
bandwidth is not shared among other users when the high priority CoS data flow of a user is 
idle. In other words, paid-for bandwidth is first used for lower priority packets of the paying 
user rather than being utilized by high priority packets of another user who does not pay for the 
additional bandwidth that may be needed. 
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According to the present invention there is provided, in a comniunication network, a 
method for resource bundling comprising the steps of: receiving, at a network policer, a 
plurality of data flows having different class of service (CoS) priority levels, the data flows 
associated with a single user having an allocated bandwidth; processing the data flows while 
sharing die allocated bandwidth between the different CoS priority levels in a prioritized 
manner, and forwarding the processed data flows to the communications network. 

According to one feature in the method for resource bundling mentioned above, each 
data flow includes at least one packet of a respective CoS priority level, each such packet 
having a packet lengdi, wherein the step of processing includes, for each packet, sub-steps of 
providing a threshold associated with each CoS, calculating a tentative credit value for the 
packet and forming a forwarding decision based on a comparison bet^veen the tentative credit 
value and the threshold associated with the CoS. 

According to the present invention there is provided, in a second embodiment, a 
method for resource bundling in a communications network comprising the steps of: at a 
network policer dedicated to a user, receiving a plurality of data flows comprising a plurality of 
data packets having corresponding packets lengths, the data flows belonging to at least two 
different class of service (CoS) priority levels; performing a prioritized conformance test for 
each data packet to accept or reject the data packet; and responsive to the conformance test, 
further processing each data packeL 

According to a feature in the second embodiment of the method for resource bundling 
in a communications netv^'ork, the step of processing includes, for accepted data packets, 
forwarding all the accepted data packets regardless of their respective CoS priority level to the 
communications network, and for rejected data packets, forwarding the rejected data packet to 
a lower level network policer for further processing. 

According to me present invention there is provided a system operative to bundle 
resources in a communications network comprising: a plurality of network policers dedicated 
to a user, each policer operative to share a plurality data flows bandwidth allocated to the user 
in a prioritized manner, wherein the data flows belong to a plurality of different class of service 
(CoS) priority levels; and a corresponding plurality of coloring units, each coloring unit 
coupled to a respective network policer and used to color data packets of the data flows 
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processed in the respective policer, whereby the system allows the single user to aggregate 
multiple CoS, hence enabling a low priority CoS to consume bandwidth w^hen a tiigh priority 
CoS is idle. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is an exemplary diagram of a policmg unit for the purpose of illustrating the 
principles of the present invention; 

FIG. 2 is a time diagram illustrating the operation of a policer according to the present 

invention; 

FIG. 3 shows three (a, b, c) time diagrams illustrating one of the capabilities of a 
policer according to the present invention; 

FIG. 4 is an exemplary embodiment of an algorithm used for policing data flows 

according to the present invention; 

FIG. 5 is a non-limiting block diagram of a policer according to the present invention; 

FIG. 6 is another exemplary embodiment of an algorithm for policing data flows 
according to the present invention. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

The present invention provides methods and a system for resource bundling in 
networking systems. The method described herein is capable of handling multiple data flows. 
The system is a policing unit (PU) involving a plurality of cascaded poh'cers. Data flows are 
data packets, or service jframes that have been analyzed for the purpose of determinmg the 
process flow to which they belong, how the packets should be processed, where the packet 
should be routed, and so on. For example, a process flow may be a series of packets all 
belonging to the signaling of a file transfer protocol (FTP). 

Reference is now made to FIG. 1, which shows an exemplary diagram of a policing unit 
100 allocated per user for the purpose of illustrating the principles of the present invention. PU 
100 includes 'n' policers 110-1 through 110-n connected in a cascade connection. A policer 
110 is parameterized by the pairs (CIR, CBS) or (EHl, EBS). For each policer 1 10 a coloring 
unit (CU) 120 is attached. Each CU 120 marks the packets with a different color as 
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preconfigured by the service provider. For example, data packets passing through policer 110-1 
are marked by a CU 120-1 in green, packets passing through policer 110-2 are marked by a CU 
120-2 in yellow, v^hile packets passing through policer 110-n are marked by a CU 120-a in 
red. Policer 110 includes a plurality of thresholds (see FIGS 2, 3), where each threshold 
defines the allowed burst size for a CoS priority level. For each received data packet, policer 
110 performs a conformance check to determine whether to accept or reject an incoming 
packet The decision to accept or reject is based on a preconfigured threshold as well as the 
available bandwidth, as described in greater detail below. As seen in FIG, 1, policer 110-1 can 
accept or reject packets with a high priority CoS or a low priority CoS, High priority CoS 
packets have priority over low priority CoS packets regardless of the amount of available 
bandwidth. Packets accepted by policer 110-1 are colored in green, while packets rejected by 
policer 110-1 are forwarded to policer 110-2, which handles only lower priority CoS packets. 
In this example, rejected high priority packets are discarded. 

A policer 110 includes various configurable parameters. The configurable parameters 
include, but are not limited to, the CoS priority' levels to be handled by the policer, the 
thresholds, the colors to mark accepted packets, CIR, CBS, EIR, EBS, and others. This allows 
a service provider to define and offer a plurality of different service packages for different 
users. For example, a client may purchase a service package of 10Mbps of CER and 4KB of 
CBS for high priority CoS, as well as 5Mbps of EIR for low priority CoS. The service package 
may include the rule that when flows of the high priory CoS are inactive, flows of the low 
priority CoS may also use the CIR with a burst less than 2KB. For such a service package, the 
service provider configures the low priority threshold to the value of 2KB and the high priority 
thresholds to the value of 6 KB (i.e., the 4 KB requested as a minimum for tiie high priority 
CoS plus the 2KB for the low priority CoS). 

Reference is now made to FIG. 2, which shows a tim.e diagram illustrating the 
operation of a policer according to the present invention. The policer includes two threshold 
levels 210 and 220. While the operation of the policer is discussed for only two thresholds, this 
is perfomied for exemplary purposes only, and multiple threshold levels may be used as may 
be necessary for the particular application. Thresholds 210 and 220 define a permitted burst 
size for a low priority CoS and a high priority CoS respectively. At time to, the policer has 
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enou^ credit value (Co, equal to the maximum permitted burst size (MPBS)) to accept either a 
high priority packet (a packet with a high priority CoS) or a low priority packet, as long as the 
length of the incoming packet is smaller than the Co. Specifically, an avsdlable credit value Cj 
2it time tj can be calculated using the equation: 



The credit value, the length of a packet, and the burst size are typically measured in bytes. 

A packet length is tolerated between a maximum length and a minimum length as 
defined by the protocol type. At time ti, a low priority packet 230-1 with length \\ is received. 
Since h is smaller than the permitted burst size defined for a low-level threshold (THl) of 
threshold 210 (i.e. h < THl), packet 230-1 is accepted by policer 110-1 (FIG. 1). As a result, 
the credit value at time t| (Ci) is set to be the value of the credit value of time to (Co) minus the 
length l\. At time ti, a high priority packet 230-2 with length b is received. As the value of the 
credit at time t2 (C2) minus I2 does not exceed a permitted burst size defined for a high level 
threshold (THh) of threshold 220 (i.e., C2 - ii < THh), packet 230-2 is accepted. As a result, the 
credit value is set to the value C2- I2- At time ta, a high priority packet with length I3 is received. 
The credit value at time ts (C3) minus I3 exceeds threshold 220 (i.e., C3 — I3 > THh) and 
therefore packet 230-3 is rejected. The credit value increases as a fianction of the rate, i.e. CIR 
or EIR, see e.g. equation (2). 
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Reference is now made to FIG. 3A, which shows a time diagram demonstrating one of 
the capabilities of a policer to protect high priority CoS data flows against flooding from low 
priority CoS data flows in accordance with the present invention. At time t2 a Joav priority 
packet 330-1 with length U is received. The credit value at time t2 (C2) minus the length of 
packet 330-1 (li) exceeds a low-level threshold 310 (i.e., C2 - li > THl), and for that reason 
packet 330-1 is rejected. Subsequently, a high priority packet 330-2 having length I2, is 
received- Due to the fact that the value of the current credit (C2) minus I2 does not exceed a 
high level threshold 320 (i.e. C2 - 12 < TihX packet 330-2 is accepted. As can be seen in FIG. 
3B, acceptance of packet 330-1 would have caused rejection of packet 330-2, since there is not 
enough bandwidth to serve both packets. 

Referring now to FIG. 3C, which shows another example for the operation of a policer 
according to the present invention. Four consecutive data packets 330-1, 330-2, 330-3, and 
330-4, all belonging to a low priority data flow, arrive at the policer between time to to time 
The lengths of data packets 330-1, 330-2, 330-3, and 330-4 are ij, io, I3, and U respectively. At 
time ti, packet 330-1 is accepted, since the credit value at time ti (C3) minus its length (li) <iots 
not exceed low-level threshold 310 (i.e., d - h < THl). At time t2, packet 330-2 is accepted, 
although the credit value at time t2 (C2) minus its length (I2) exceeds low-level threshold 310 
(i.e. C2 - I2 > THl). Packet 530-3 is accepted, since a sequence of low priority packets are 
received immediately after packet 330-2, Hence, this allows a user to consume the entire 
bandwidth paid for when high priority flow is not transmitted, i.e., when no high priority 
packets are received. For the same reason, at time ts, packet 330-3 is accepted, although the 
credit value at time tj (C3) minus its length (I3) exceeds low-level threshold 310. At time Uy 
packet 330-4 is rejected to leave enough bandwidth for a high priorit)' packet 310-5 that arrives 
at a later time ts. This is performed in order to eliminate the acceptance of the low priority 
flows in favor of high priority flows. At time ts, packet 330-5 is accepted, since the credit value 
at time ts (C5) minus the length of packet 330-5 (I5) does not exceed high-level threshold 320 
(i.e., Cs -l5<THh). 

As can be understood from the exemplary cases described above, the use of multiple 
thresholds allows the sharing of bandwidth allocated to a single user in a prioritized manner. 
Furthermore, as a policer 110 is allocated per user, a single user may aggregate multiple CoS 
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and thus allow low priority data flows to consume bandwidth allocated for hi^ priority data 
flows, when such high priority flows are not transmitted, but which bandwidth was paid for 
anyway. This is in contrast with prior art solutions in which unused bandwidth allocated for 
high priority flows is shared among other users. That is, a poiicer 110 is designed to provide 
resource bundling. 

Reference is now made to FIG. 4, which shows an exemplary embodiment of an 
algorithm 400 used for policing data flows in accordance with this invention. At step S410, a 
packet 'j' with a length Ij is received. At step S420, the incoming packet is analyz&d to 
determine the CoS priority level of the packet The CoS priority level is designated in the 
packet^s header. At step S430, a tentative credit value ("B") is calculated for packet 'j' arriving 
at time tj. The tentative credit value determines the remaining credit after accepting an 
incoming packet The tentative credit value is calculated using the following equation: 

B = Cj-lj; (3) 

whore Cj is the available credit at time tj. The value of Cj is preferably calculated using 
equation (2). At step S440 the tentative credit value is compared against a CoS threshold 
(THcos) corresponding to the CoS priority level of the incoming packet. If the value of the 
tentative credit value is lower than the threshold value (i.e. if B < THcos)? then, at step S450, 
the packet is accepted; otherwise, at step S470, the packet is rejected. As a result of accepting 
the packet, at step S460 the credit Cj is set to the value of the tentative credit value. A rejected 
packet can be forw^arded to another poiicer of a lower level, or alternatively it ma}' be dropped. 

The disclosed method can be implemented in software (computer code) using a 
computing machine. The software could be in any type of computing language in any level. 
The techniques could also be implemented using a combination of hardware and sofi^vare. 
Computer program products (including Internet downloads) that include the software for 
implementing the disclosed techniques form part of the disclosed teachings. Reference is 
now made to FIG. 5, which shows a non-limiting block diagram of a poiicer 110. Poiicer 110 
preferably comprises an input port 505 and an output port 575. Poiicer 110 fiirther includes a 
receiver 510, a transmitter 520, a determination unit (DU) 530, a computing unit (CU) 540, and 
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a comparator 550. Input port 505 and output port 575 may be, but are not limited to, lOMbp, 
100Mbps, IGbps, and lOGps Ethernet ports. Input and output ports are both coupled to a 
common communication link (not shown). Receiver 510 is coupled to input port 505 and to 
DU 530, which in turn is coupled to CU 540. CU 540 is further coupled to comparator 550, 
which is further coupled to transmitter 520. 

Receiver 510 receives throu^ input port 505 the incoming data packets being 
transported over the common communication link. Upon reception of a data packet, receiver 
510 provides the infomiation of the header part of this data packet to DU 530. DU 530 
determines, from the received header information, the CoS priority level and the length of the 
incoming packeL DU 530 provides comparator 550 with the CoS priority level information and 
CU 540 with the packet length 1. CU 540 computes the tentative credit value (B), using for 
example equation (3), and provides comparator 550 with the result. Comparator 550 executes a 
conformance check according to the predefined threshold and the CoS priority level of the 
packet Comparator 550 determines if the calculated tentative credit value (B) exceeds the 
predefined threshold, and if it does, the packet is rejected; otherwise, the packet is accepted. In 
the event that comparator 550 declares the received packet as accepted, the packet can be 
transmitted on the communication link. As a result, comparator 550 forwards a permission 
signal to the transmitter 520, which subsequently transmits the packet on the commimication 
link. If the received packet is rejected, then the packet is not transmitted on the communication 
link, and can be either discarded or forwarded to another policer. 

It should be appreciated by a person skilled in the art that the components of a policer 
110 described herein may be hardware components, firmware components, software 
components, or a combination thereof. 

In an embodiment of this invention, policer 110 may be included in a metro Ethernet 
network on the user-network interface (UNI) using a standard lOMbp, 100Mbps, IGbps, 
lOGps Ethernet interface. In a metro Ethernet networ, policer 110 may carry out all the 
activities related to Ethernet traffic management as described in greater detail above. 

Reference is now made to FIG. 6, which shows another exemplary embodiment of an 
algorithm for policing data flows according to the present invention. FIG. 6 shows a set of *n' 
counters 610-1 through 610-n included in a policer (e.g,, policer 110). Each of counters 610 
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serves a different priority level of CoS. A counter 610-i coants at a rate proportional to the 
committed rate (i.e. the CIR) until the threshold of that rate is reached. Once the threshold is 
reached, a next counter 610-i-hl starts to accumulate credit. Specifically, when a packet arrives, 
its length is compared to the amount of available credit in counters 610 and the packet is 
deemed conforming or non-conforming based on a preprogrammed rule. As a non-limiting 
example, a packet with a CoS priority level 'j' is accepted if the following rule is obeyed: 

1 > CCj H- CCj+i + ... + CCn (4) 

where I is the length of the packet and CQ is the amount of credit in counter 610-i. The CoS 
priority levels of counter 610-1 through 610-n are CoSi through CoSn respectively, where CoSi 
is the highest priority and CoSn is the lowest priority. After which, the counters are depleted, 
starting with CCn until a credit with a total length i' has been removed. 

All publications, patents and patent applications mentioned in this specification are 
herein incorporated in their entirety by reference into the specification, to the same extent as if 
each individual publication, patent or patent application was specifically and individually 
indicated to be incorporated herein by reference. In additioa, citation or identification of any 
reference in this application shall not be construed as an admission that such reference is 
available as prior art to the present invention. 

While the invention has been described with respect to a limited number of 
embodiments, it will be appreciated that many variations, modifications and other applications 
of the invention may be made. 
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